Privacy Policy of Storengy Deutschland GmbH

We are pleased that you are visiting our website and thank you for your interest in our company and products.

In this privacy policy (as of June 2018) we, Storengy Deutschland GmbH (Storengy), provide information on the processing of personal data by us.

Personal data is information relating to an identified or identifiable person. In particular, these include information that allows your identity to be deduced, such as your name, telephone number, address or e-mail address. Statistical data that we collect when you visit our website/our storage portal for example and cannot be connected to your person do not fall under the definition of personal data.

1.    Point of contact

The point of contact and so-called responsible body for the processing of your personal data when you visit this website/our storage portal within the meaning of the EU General Data Protection Regulation (GDPR) is

Storengy Deutschland GmbH

Zimmerstrasse 56

10117 Berlin

Telephone     +49 (0)30 28 88 34-0

Fax                 +49 (0) 30 28 88 34-149

For all questions concerning data protection, for example in connection with our products and the use of our website/our storage portal, you can contact our external Data Protection Officer Mrs Inna Gendelman or Dr Tobias Greb from the Legal Department. Besides, you can contact us via This email address is being protected from spambots. You need JavaScript enabled to view it..

Inna Gendelman (Data Protection Officer)

Am Hamburger Bahnhof 4

10557 Berlin

Telephone     +49 (0)30 213 00 28 50

Fax:                +49 (0)30 213 00 28 99

This email address is being protected from spambots. You need JavaScript enabled to view it.

Dr Tobias Greb (Legal Department)

Zimmerstrasse 56

10117 Berlin

Telephone     +49 (0)30 28 88 34-251

Fax                 +49 (0) 30 28 88 34-149

This email address is being protected from spambots. You need JavaScript enabled to view it.


2.    Data processing for the purpose of contract initiation and execution

The processing of certain data is required for contract initiation and execution and for settlement of your contract. The legal basis for the data processing is Article 6(1) lit. b) GDPR. The basis of the decision on the establishment, implementation or termination of a contract can, under certain circumstances, include the processing of probability values for future payment behaviour. Among other things, the address data of the customer is included in the calculation of the probability values.

3.    Data processing in the case of a legitimate interest on the part of Storengy

We process your data in the individual case in order to protect our legitimate interests (Article 6(1) lit. f) GDPR). This includes the use of your personal data, among other things, in order to

  • implement measures for the improvement and development of products and services, and to contact you with customised offers and offer you tailored products;
  • determine credit and payment default risks in consultation and data exchange with credit agencies (e.g. Schufa, Creditreform);
  • determine and check the quality of service rendered to us on a random basis;
  • assert legal claims and for the defence of legal disputes to clarify or to prevent criminal offences;
  • determine addresses;
  • use your data anonymously for analysis and test purposes.

4.    Data processing on the basis of legal requirements or in the public interest

As a company, we are subject to various statutory obligations (e.g. the German Energy Industry Act (EnWG) and other legal provisions concerning energy, tax laws, the German Commercial Code (HGB)) that mandate the processing of your data for the fulfilment of the law. The legal basis for the processing of data is (Article 6(1) lit c) GDPR) (Article 6(1) lit. e) GDPR).

5.    Data processing on our website/on our storage portal

5.1.            Visiting our website/our storage portal

Each time you use our website ( or our storage portal ( we collect the access data automatically transmitted by your browser in order to make it possible for you to visit the website/the storage portal. The access data can, for example, include:

  • The IP address of the requesting device
  • The date and time of the request
  • The address of the accessed website and the requesting website
  • Information about the browser and operating system used
  • Online identifiers (e.g. device identifiers, session IDs)

The data processing of this access data is required in order to make visiting the website/the storage portal possible and to ensure the sustained functioning and security of our systems. The access data is also stored temporarily in internal log files for the purposes stated previously in order to generate statistical information on the use of our website/the storage portal, in order to further develop our website/our storage portal with regard to the usage habits of our visitors (e.g., if the share of mobile devices with which the sites are accessed increases) and for the purpose of general administrative maintenance of our website/our storage portal. The legal basis is Article 6(1) sentence 1 lit. b) GDPR. The information stored in the log files does not allow information concerning your person to be deduced directly - in particular, we only store the IP addresses in abbreviated, anonymised form. The log files are stored for a maximum of 30 days and, if necessary, archived, though only after anonymisation.

5.2.            Access to the protected area of the storage portal

You have the option of registering for the protected area of the storage portal via the storage portal. For this, we collect master data, contact information, your user name and the contact data for your company. The data that you are obliged to provide are highlighted in that they are marked as mandatory fields. Without this data, registration in the protected area of the storage portal is not possible. The legal basis of the processing is Article 6(1) 1 lit. b) and Article 6(1) sentence 1 lit. f) GDPR.

5.3.            Contacting us via our website/our storage portal

There are various options for contacting us as stated on our website/our storage portal. In this context, we process data exclusively for the purpose of communication with you. The legal basis is Article 6(1) 1 lit. b) and Article 6(1) sentence 1 lit. f) GDPR.

5.4.            Use of cookies

We use so-called cookies on our website/our storage portal. A cookie is a small text file that is stored on your device by the browser. Cookies are not used to run programmes or download viruses to your computer. The main purpose of our own cookies is more to make our services as time-saving as possible.

We also use our own cookies, for example,

  • for load distribution;
  • in order to save your language settings.

By doing so, we want to offer you more convenient and individual use of our website/our storage portal. These services are based on our above-mentioned legitimate interests, the legal basis is Article 6(1) sentence 1 lit. f) GDPR.

6.    Data processing in connection with a job application

6.1.            Processed data categories

We process data that relate to your application. These can be general data about your person (such as your name, address and contact information), information on your professional qualifications and education or information on further vocational training or other information that you provide to us in connection with your application.

We process personal data about you for the purpose of your application for employment to the extent that this is necessary for the decision on establishing an employment relationship with us. The legal basis for doing so is Section 26 (1) in conjunction with (8) sentence 2 of the German Federal Data Protection Act (BDSG). We can also process personal data about you to the extent necessary for the defence of legal claims asserted against us arising from the application process. The legal basis is Article 6(1), paragraph 1, lit. f) GDPR, the legitimate interest is, for example, a burden of proof in a proceeding in accordance with the General Equal Treatment Act (AGG). Insofar as an employment relationship results between you and us, in accordance with Section 26(1) of the German Federal Data Protection Act (BDSG), we can further process data already received from you for the purposes of the employment relationship, if this is required for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the representation of interests of the employees arising from a law or a collective bargaining agreement, a works agreement or a service agreement (collective agreement).

6.2.            Data sources

If we do not collect the data directly from you and you have an active profile with StepStone or LinkedIn for example, or you disclose an inactive or active profile to us in the context of the application procedure, we may also collect personal data from these.

6.3.            No automated decision-making

No automated decision is made in the individual case within the meaning of Article 22 GDPR, which means that the decision on your application is not based on automated processing.

7.    Newsletters and individual contact with offers and products

You have the option of ordering our newsletter, in which we keep you informed on a regular basis about innovations to our products and of promotions. In addition, you can allow us to contact you individually, for example with offers and products.

In order to provide our newsletter or to contact you individually, we use the so-called double opt-in procedure, which means that we will only send you the newsletter per e-mail or contact you individually, for example with offers and products, if you confirm that you are the owner of the specified e-mail address by clicking on a link in our notification e-mail. If you confirm your e-mail address, we store your e-mail address, the time of registration and the IP address used to register until you unsubscribe from the newsletter or notify us that you no longer wish to be contacted individually. The storage solely serves the purpose of sending you the newsletter or contacting you individually and as proof of your registration. You can unsubscribe from the newsletter or cancel individual contact at any time. There is a corresponding unsubscribe link in every newsletter. Notification to the contact details specified above or in the newsletter (e.g. per e-mail or letter) is, of course, also sufficient. The legal basis of the processing is your consent according to Article 6(1) lit. a) GDPR.

8.    Disclosure of data

The data collected by us is essentially only disclosed if:

  • You have expressly consented to this in accordance with Article 6(1) sentence 1 lit. a) GDPR,
  • The disclosure is required in accordance with Article 6(1) sentence 1 lit. f) GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the omission of the disclosure of your data,
  • We are legally obliged to disclose in accordance with Article 6(1) sentence 1 lit. c) GDPR or
  • This is legally permissible and is required in accordance with Article 6(1) sentence 1 lit. b) GDPR for the handling of contractual relationships with you or for the implementation of pre-contractual measures to be carried out at your request.

A portion of the data processing can be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, this can, in particular, include the data centres that store our website/our storage portal and our databases, IT service providers that maintain our system and consulting companies. Insofar as we disclose data to our service providers, they may only use the data for the fulfilment of their tasks. These service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organizational measures to protect the rights of the data subjects and are checked on a regular basis.

Furthermore, a disclosure may occur in connection with regulatory inquiries, court decisions and legal proceedings if so required for prosecution or enforcement.

9.    Storage duration

In principle, we store personal data only for as long as is necessary to fulfil contractual or statutory obligations for which we have collected the data. We then delete the data immediately, unless we require the data until expiry of the statutory period of limitation for evidential purposes for civil law claims or due to statutory retention obligations.

For evidential purposes, we must retain contract data for three years from the end of the year in which the business relations with you ends. Any claims become statute-barred in accordance with the statutory period of limitation at this point in time at the earliest.

In some cases, we may also have to store your data after this for accounting reasons. We are also obliged to do so due to legal documentation obligations arising from the Commercial Code (HGB), the Tax Code (AO), the Banking Act (KWG), the Money Laundering Act (GwG) and the Securities Trading Act (WpHG). The specified time limits for the retention of documents is two to ten years.

10. Your rights

You have the right at any time to demand information on the processing of your personal data by us. We will explain the data processing to you within the context of the provision of information and provide you with an overview of the data stored about your person.

If data saved by us are incorrect or no longer current, you have the right to have these data corrected.

You can also demand the deletion of your data. If the deletion is not possible due to other legal provisions in exceptional cases, the data will be blocked so that they are only available for this statutory purpose.

You can also restrict the processing of your data, for example if you are of the opinion that the data stored by us are not correct. You also have a right to data portability, i.e. to receive a digital copy of the personal data provided by you.

In order to assert your rights as described here, please contact data the points of contact stated above at any time. This also applies if you wish to receive copies of guarantees as evidence of a reasonable level of data protection.

You also have the right to object to the data processing, which is based on Article 6(1) lit. e) or lit. f) GDPR. Finally, you have the right to complain to the data protection supervisory authority responsible for us. You can exercise this right with a supervisory authority in the Member State of your place of residence, place of work or the location of the alleged infringement. In Berlin, the competent supervisory authority is: The Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

11. Right of revocation and objection

In accordance with Article 7(2) GDPR, you have the right to revoke consent once given to us at any time. This has the consequence that we will no longer continue the data processing based on this consent for the future. By revoking consent, the legality of the processing carried out on the basis of the consent until the revocation shall not be affected.

Insofar as we process your data on the basis of legitimate interests in accordance with Article 6(1) sentence 1 lit. f) GDPR, you have the right to object to the processing of your personal information in accordance with Article 21 GDPR to the extent that reasons exist arising from your specific situation or if the objection is to direct advertising. In the latter case, you have a general right of objection that will be implemented by us even without the specification of reasons.

If you wish to assert your right of revocation or objection, it is sufficient to send an informal notification to the above-mentioned contact details.

12. Data security

We maintain current technical measures to guarantee data security and in particular to protect your personal data against hazards during data transfers and from becoming known to third parties. These are adjusted according to the current state of the art in each case.

13. Changes to the privacy statement

We occasionally update this privacy policy, for example, if we adjust our website/our storage portal or if the statutory or regulatory requirements change.

A company of Engie

Energy is our future, save it!

Powered by jms multisite for joomla